[Cryptography-dev] Certifying a DH key

Paul Kehrer paul.l.kehrer at gmail.com
Wed May 15 10:42:41 EDT 2024


cryptography does not support encoding a FFDH public key in a
certificate at this time. OpenSSL should since the OID for a DH public
key cert is defined in RFC 3279 (among other places).

-Paul


On Wed, May 15, 2024 at 1:02 PM Bruno Martin
<Bruno.Martin at univ-cotedazur.fr> wrote:
>
> Hi,
>
> For teaching purposes I wish to implement a semi-ephemeral DH key exchange like in NIST SP800-56 (but for a non EC group).
> The recipient’s key is static while the sender’s key is ephemeral.
> To authenticate the ephemeral sender key I’d like to X.509 certify it (and also the recipient’s one too).
>
> I can generate the dh parameters, the static and ephemeral keys, put it in PEM format.
> So far so good.
> But I cannot find how to create the csr to provide to a CA.
> While trying with x509, I got the error message
> Key must be an rsa, dsa, ec, ed25519, or ed448 private key.
>
> Is there any way to get a certificate for a dh public key ?
>
> I can accept to use OpenSSL for this but couldn’t find either a way to proceed.
>
> Thanks for your help and sorry if my question is not well addressed to the list.
> I did not subscribe to the list, so I would appreciate a direct reply.
>
> Regards,
>
>         Bruno
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
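The OpenSSL route Paul points to, as an added example that is not part of the thread: a DH key has no signature operation, so `openssl req` cannot sign a CSR with it; instead a placeholder CSR is signed with another key and `openssl x509 -force_pubkey` substitutes the DH public key when the CA issues the certificate. File names, subject names and the throwaway CA are assumptions.

```shell
#!/bin/sh
# Added example (not code from the thread): put a finite-field DH public key
# into an X.509 certificate with the OpenSSL CLI. All file names are assumptions.
set -eu

# Writes dh_pub.pem (static DH public key) and dh.crt (its certificate, issued
# by a throwaway CA) into the scratch directory given as $1.
certify_dh_key() {
  dir=$1
  # DH group parameters; -dsaparam keeps generation to seconds rather than minutes.
  openssl dhparam -dsaparam -out "$dir/dhparam.pem" 2048 2>/dev/null
  # Static (recipient) DH key pair in PEM, as in the question.
  openssl genpkey -paramfile "$dir/dhparam.pem" -out "$dir/dh_priv.pem"
  openssl pkey -in "$dir/dh_priv.pem" -pubout -out "$dir/dh_pub.pem"
  # Throwaway self-signed RSA CA that will issue the DH certificate.
  openssl req -x509 -newkey rsa:2048 -nodes -keyout "$dir/ca.key" \
    -out "$dir/ca.crt" -subj "/CN=Teaching CA" -days 30 2>/dev/null
  # Placeholder CSR: it only contributes the subject name. It is signed with
  # the CA key because a DH key cannot sign and `openssl req` would refuse it.
  openssl req -new -key "$dir/ca.key" -out "$dir/placeholder.csr" \
    -subj "/CN=dh-recipient" 2>/dev/null
  # Issue the certificate; -force_pubkey replaces the CSR's public key with
  # the DH SubjectPublicKeyInfo from dh_pub.pem.
  openssl x509 -req -in "$dir/placeholder.csr" -CA "$dir/ca.crt" \
    -CAkey "$dir/ca.key" -CAcreateserial -force_pubkey "$dir/dh_pub.pem" \
    -days 30 -out "$dir/dh.crt" 2>/dev/null
}

# Returns 0 when dh.crt chains to ca.crt and the SubjectPublicKeyInfo it
# carries is byte-for-byte the DH public key that was forced in.
check_dh_cert() {
  dir=$1
  openssl verify -CAfile "$dir/ca.crt" "$dir/dh.crt" >/dev/null &&
    openssl x509 -in "$dir/dh.crt" -noout -pubkey | cmp -s - "$dir/dh_pub.pem"
}
```

The same `-force_pubkey` step works for the ephemeral sender key; only the key file and subject change.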

